REMARKS 



A final Office Action was mailed on July 13, 2004. Claims 1 - 1 1 are pending in the 
present application. With this Response, Applicants amend the specification, and amend claims 1 
and 3 - 1 1. No new matter is introduced. Support for the claim amendments maybe found, for 
example, in Applicants' specification at page 19, lines 18-24, and at page 20, lines 4-10. 

OBJECTION TO SPECIFICATION 

The specification is objected to at page 5, line 24 through page 9, line 9. Specifically, the 
Examiner finds that the cited text, in the Summary of the Invention, is overly repetitive of the 
claims. Applicants amend this text to reduce this repetition, and respectfully request that the 
objection be withdrawn. 

REJECTION UNDER 35 U.S.C. $112 

Claims 3, 6, 8 and 1 1 are rejected under the second paragraph of 35 U.S.C. § 1 12 as 
being indefinite Specifically, the Examiner questions whether claimed filtering information is 
being distributed by an autonomous system to itself or to other autonomous systems. Applicants 
amend claims 3, 6, 8 and 1 1 to recite that the distribution unit of the border relay device of each 
autonomous system distributes filtering information to "one of other border relay devices 
positioned within one of other autonomous systems", to clarify that the distribution is indeed 
from one autonomous system to another autonomous system. Applicants respectfully submit that 
amended claims 3, 6, 8 and 1 1 are definite, and therefore respectfully request that the rejection 
be withdrawn. 
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REJECTION UNDER 35 U.S.C. § 102 

Claims 1 - 11 are rejected under 35 U.S.C. § 102(e) as being anticipated by U.S. Patent 
Application No. 2002/0035698 to Malan et al. Applicants amend claims 1, 4, 5, 7, 9 and 10 to 
further clarify the nature of their invention, and respectfully traverse these rejections. 

In independent claim 1, Applicants disclose: 

1. An IP communication network system: 

comprising a plurality of autonomous systems, configuring IP networks of 
domains independent of each other, for performing interior- and exterior- 
forwarding of IP packets, 

said plurality of autonomous systems including a plurality of border relay devices 
positioned at borders between the IP networks, 

each of said plurality of border relay devices including: 

a discarding unit for discarding, if the IP packet forwarded is an unauthorized 
intrusion packet, this unauthorized packet when detecting a re-intrusion on the 
basis of filtering information, having at least one of the destination IP address, 
protocol type and port number of the unauthorized packet, for detecting the re- 
intrusion of the unauthorized packet; 

a registration processing unit having a monitoring time for detecting the re- 
intrusion of the unauthorized packet with respect to each of the unauthorized 
packets and deleting, upon the monitoring time corresponding to the unauthorized 
packet expiring, the information of the unauthorized packet from the filtering 
information; and 

a distribution unit for distributing the filtering information to all other border relay 
devices within said same autonomous system. 

Malan discloses an Internet (IP) communication systems including a plurality of 

autonomous zones, between which communications are regulated by border routers (see, e.g., 

FIG. 8 of Malan). As further disclosed by Malan at page 7, paragraph [0106]: 

The zones operate autonomously, and share information about both local and 
remote attacks using the Anomaly Description Protocol. When attacks are 
detected locally, a zone will propagate the attack to its neighbors using the ADP; 
this propagation includes the attack's signature which can be used for both 
detection and blocking. When a zone receives an ADP message from one of its 
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neighbors, it adds this attack to those the local zone looks for. It is then further 
propagated to other neighboring zones when it is detected locally. ADP messages 
are therefore constrained to their appropriate portion of the Internet, allowing for 
scalability. Moreover, when passing attack information to neighbors, the ADP 
attempts to aggregate attack information so that multiple attacks that are described 
with the same aggregate profile, resulting in a single ADP entry. 

While Malan's zones provides notice as to a detected attack to neighboring zones by 
means of an ADP message including a "signature" of the attack, unlike Applicants' invention as 
claimed in claim 1, Malan fails to disclose that that the zone forwards filtering information 
having at least one of the destination IP address, protocol type and port number of the 
unauthorized packet for detecting the re-intrusion of the unauthorized packet (see, e.g., page 19, 
lines 18 - 24 of Applicants' specification). Applicants' filtering information provides greater 
detail than the signature provided by Malan's ADP message, thereby making it easier for a 
neighboring zone to detect the presence of an unauthorized packet. 

In addition, unlike Applicants' invention in claim 1, Malan fails to disclose or suggest 
Applicants' claimed registration processing unit providing a monitoring time for detecting the re- 
intrusion of the unauthorized packet so that, upon expiration of the monitoring time, information 
regarding the unauthorized packet is deleted from the filtering information (see, e.g., page 20, 
lines 4 - 10 of Applicants' specification). Applicants' claimed registration processing unit limits 
the filtering information to report unauthorized packets with high probability of receipt, thereby 
reducing the size of the filtering information and associated processing times for the neighboring 
zones. 

For at least these reasons, Applicants respectfully submit that amended independent claim 
1 is not anticipated by Malan, and is condition for allowance. As amended independent claims 5, 
7 and 10 include limitations that are substantially identical to the above-argued limitations of 
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Applicants' amended independent claim 1, Applicants respectfully submit that amended 
independent claims 5, 7 and 10 are also allowable for at least these reasons. 

In summary, Applicants respectfully submit that independent claims 1, 5, 7 and 10 are 
not made obvious by any combination of the cited references, and are therefore allowable. As 
claims 2 - 4, 5, 8, 9 and 1 1 each depend from one of allowable claims 1, 5, 7 and 11, Applicants 
respectfully submit that claims 2 - 4, 5, 8, 9 and 1 1 are allowable for at least this reason. 

CONCLUSION 

An earnest effort has been made to be fully responsive to the Examiner's objections. In 
view of the above amendments and remarks, it is believed that 1-11, which include independent 
claims 1,5,7 and 10, and the claims that depend therefrom, stand in condition for allowance. 
Passage of this case to allowance is earnestly solicited. However, if for any reason the Examiner 
should consider this application not to be in condition for allowance, he is respectfully requested 
to telephone the undersigned attorney at the number listed below prior to issuing a further 
Action. 



Respectfully submitted, 




Thomas J. Bean 



Reg. No. 44,528 



CUSTOMER NUMBER 026304 



PHONE: (212)940-8800/FAX: (212)940-8776 
DOCKET No.: 100794- 11690 (FUJY 18.639) 
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